Recently I had to evaluate an older encryption service that existed in an Java app. The service was written in the early days when the JCE was relatively new and it used BouncyCastle as the provider. While coded quite well the service had code which handled all sorts of the low level JCE stuff like [...]
